Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/df99d3-5028-4361-b795-3af4a9463b77/1/i3uS1vOEnzVWVUGNpaDdeRDIEsc.roa
File: i3uS1vOEnzVWVUGNpaDdeRDIEsc.roa (raw, json)
Hash identifier: hiCaHskbsCgv8nQEHi/iVMye8srWKprh7aA1JH5s930=
Subject key identifier: 8B:7B:92:D6:F3:84:9F:35:56:55:41:8D:A5:A0:DD:79:10:C8:12:C7
Certificate issuer: /CN=0efd1cad121902755089e3ca80ba6d7ccc4b9b71
Certificate serial: 01856FF93E74F6709D1A0ECF469596DA9B0F
Authority key identifier: 0E:FD:1C:AD:12:19:02:75:50:89:E3:CA:80:BA:6D:7C:CC:4B:9B:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dv0crRIZAnVQiePKgLptfMxLm3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/df99d3-5028-4361-b795-3af4a9463b77/1/i3uS1vOEnzVWVUGNpaDdeRDIEsc.roa
Signing time: Mon 02 Jan 2023 00:54:43 +0000
ROA not before: Mon 02 Jan 2023 00:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212488
IP address blocks: 2001:67c:3f8::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:30:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:3e:74:f6:70:9d:1a:0e:cf:46:95:96:da:9b:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0efd1cad121902755089e3ca80ba6d7ccc4b9b71
Validity
Not Before: Jan 2 00:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b7b92d6f3849f355655418da5a0dd7910c812c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:32:5e:a4:f6:53:78:2b:cf:5b:fb:21:de:03:
b5:10:fa:0a:e9:32:45:fd:0f:f5:d3:30:b4:77:66:
2b:3c:6d:20:b8:0b:c1:bb:65:07:c3:5c:3b:49:32:
8e:79:6e:90:b5:d1:48:bc:9f:ab:1d:bb:81:fc:a2:
67:75:9e:d4:dd:18:df:ff:c3:e5:ac:a8:a7:18:39:
b3:35:e9:25:28:f5:09:5c:14:66:9a:9f:ff:b1:8d:
51:87:46:3b:ad:96:d4:92:eb:41:52:df:c6:e9:37:
4b:89:9c:89:a3:ae:de:b8:52:13:81:54:aa:9e:7e:
92:c1:2b:03:21:e1:e8:9e:93:18:b9:20:d6:ab:b1:
7b:90:66:ad:2a:67:3f:7a:d4:76:ce:f4:ca:c0:92:
54:4e:94:21:9c:38:95:dc:de:39:7d:bf:54:1e:86:
af:d0:9c:1b:d8:0a:a1:3f:d7:be:2c:72:09:b0:11:
57:21:f7:dc:49:bf:8f:3a:c0:4f:d3:7e:a9:08:de:
92:17:b6:ea:3e:b6:65:ae:95:f4:27:6a:2a:55:54:
63:78:64:00:56:6d:42:40:55:ad:16:ee:26:56:1e:
5c:5a:87:24:1d:a4:7c:a2:72:af:f3:5a:bf:ba:0d:
98:c3:f2:9e:6e:be:db:50:80:99:b1:8d:49:71:33:
f6:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:7B:92:D6:F3:84:9F:35:56:55:41:8D:A5:A0:DD:79:10:C8:12:C7
X509v3 Authority Key Identifier:
keyid:0E:FD:1C:AD:12:19:02:75:50:89:E3:CA:80:BA:6D:7C:CC:4B:9B:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dv0crRIZAnVQiePKgLptfMxLm3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/df99d3-5028-4361-b795-3af4a9463b77/1/i3uS1vOEnzVWVUGNpaDdeRDIEsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/df99d3-5028-4361-b795-3af4a9463b77/1/Dv0crRIZAnVQiePKgLptfMxLm3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:3f8::/48
Signature Algorithm: sha256WithRSAEncryption
64:db:a2:ea:36:e7:fa:0a:54:86:af:91:7e:b7:df:ec:83:1a:
c8:b8:f2:32:83:c5:40:b7:6c:ea:15:5b:93:85:68:bc:4c:f7:
0b:4a:c6:ea:04:75:a6:c8:c2:84:35:54:43:c4:f2:a8:80:40:
d4:68:26:54:8a:12:7c:c2:1a:90:83:ce:15:fa:fa:30:28:e8:
dc:6c:af:f6:2e:fe:bc:07:97:b8:12:5a:08:ab:0c:8a:c9:4f:
fe:33:5a:43:a3:82:b1:fd:e1:4e:64:c7:f6:90:6f:81:08:f8:
55:25:57:65:1c:d2:3a:d9:69:f7:0f:d7:f0:51:42:de:25:31:
2c:ea:61:c3:88:cb:fc:43:13:41:bb:79:ec:db:49:cc:8d:93:
e5:5a:84:b6:b8:4e:ae:b8:cf:4f:7a:c0:00:5b:5c:bc:69:12:
ca:9a:fc:40:14:db:a1:4d:ad:68:ae:7f:ce:2f:83:4e:da:d3:
2a:67:45:65:d4:21:88:c9:47:0c:a3:89:b7:6d:5c:bd:65:07:
55:4e:fb:2c:76:b9:0f:1e:09:27:88:7e:c4:a1:4a:ab:f8:f0:
22:94:30:d6:fd:5d:3c:0e:db:53:b4:77:d6:5b:11:ed:a1:17:
b5:49:e1:f7:fc:04:76:4d:da:a9:c6:55:96:d9:58:5b:15:f3:
74:b8:92:a6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVv+T509nCdGg7PRpWW2psPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZmQxY2FkMTIxOTAyNzU1MDg5ZTNjYTgwYmE2ZDdjY2M0
YjliNzEwHhcNMjMwMTAyMDA1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjdiOTJkNmYzODQ5ZjM1NTY1NTQxOGRhNWEwZGQ3OTEwYzgxMmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzJepPZTeCvPW/sh3gO1EPoK6TJF
/Q/10zC0d2YrPG0guAvBu2UHw1w7STKOeW6QtdFIvJ+rHbuB/KJndZ7U3Rjf/8Pl
rKinGDmzNeklKPUJXBRmmp//sY1Rh0Y7rZbUkutBUt/G6TdLiZyJo67euFITgVSq
nn6SwSsDIeHonpMYuSDWq7F7kGatKmc/etR2zvTKwJJUTpQhnDiV3N45fb9UHoav
0Jwb2AqhP9e+LHIJsBFXIffcSb+POsBP036pCN6SF7bqPrZlrpX0J2oqVVRjeGQA
Vm1CQFWtFu4mVh5cWockHaR8onKv81q/ug2Yw/Kebr7bUICZsY1JcTP2rQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIt7ktbzhJ81VlVBjaWg3XkQyBLHMB8GA1UdIwQY
MBaAFA79HK0SGQJ1UInjyoC6bXzMS5txMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHYwY3JSSVpBblZRaWVQS2dMcHRmTXhMbTNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9kZjk5ZDMtNTAyOC00MzYxLWI3OTUt
M2FmNGE5NDYzYjc3LzEvaTN1UzF2T0VuelZXVlVHTnBhRGRlUkRJRXNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9kZjk5ZDMtNTAyOC00MzYxLWI3OTUtM2FmNGE5NDYzYjc3
LzEvRHYwY3JSSVpBblZRaWVQS2dMcHRmTXhMbTNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAP4
MA0GCSqGSIb3DQEBCwUAA4IBAQBk26LqNuf6ClSGr5F+t9/sgxrIuPIyg8VAt2zq
FVuThWi8TPcLSsbqBHWmyMKENVRDxPKogEDUaCZUihJ8whqQg84V+vowKOjcbK/2
Lv68B5e4EloIqwyKyU/+M1pDo4Kx/eFOZMf2kG+BCPhVJVdlHNI62Wn3D9fwUULe
JTEs6mHDiMv8QxNBu3ns20nMjZPlWoS2uE6uuM9PesAAW1y8aRLKmvxAFNuhTa1o
rn/OL4NO2tMqZ0Vl1CGIyUcMo4m3bVy9ZQdVTvssdrkPHgkniH7EoUqr+PAilDDW
/V08DttTtHfWWxHtoRe1SeH3/AR2TdqpxlWW2VhbFfN0uJKm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:53 2024 by rpki-client on console-fra.rpki-client.org